Trusted Computing: Difference between revisions

Created page. Needs editing and sources
 
 
(13 intermediate revisions by 7 users not shown)
Line 1: Line 1:
Trusted Computing , sometimes called "Treacherous Computing" sis the name of the initiative of a joint effort of multiple companies to add hardware level restrictions and restrict user ownership and freedom on multiple various types of
{{ToneWarning}}


Computers and devices, including , but not limited to: Computers, desktop and notebook, single board computers, pdas, smartphones, tablets, media players, game consoles, digital video recoord3rs, home theater systems, smart televusions, streaming boxes, pretty much anything with a printed circuit board and a digital purpose.
Trusted Computing is a technology developed by the Trusted Computing Group. It aims to restrict the workings of a computer so that it may only behave in expected ways.
 
It is a controversial technology because it can be used to restrict the freedom of the owner of the computer. For this reason it has been dubbed by free software activist Richard Stallman "Treacherous Computing"<ref>{{Cite web |title=Can You Trust Your Computer? |url=https://www.gnu.org/philosophy/can-you-trust.html |url-status=live |archive-url=https://web.archive.org/web/20250729024422/https://www.gnu.org/philosophy/can-you-trust.html |archive-date=2025-07-29}}</ref><ref>{{Cite web |title=Trust me, i'm a computer |url=https://www.scl.org/3835-trust-me-i-m-a-computer/ |url-status=live}}</ref>


==How it works==
==How it works==
Trusted Computing usually consists of both hardware and software restrictions, From a locked down restricted operating system to a locked down restricted bios and or firmware to hardware level backdoors in the cpu, soc, mainboard, to a physical chip known as a "Trusted Comouting Module" "TPM" for short. A tpm enabled machine will RESTRICT and will NOT allow certain user actions. 
The workings of Trusted Computing are based on six key principles, these being : 


==Why it is a problem==
#Sealed storage
One problem is  user ownership and freedom. Depending on the device, various user actions may estricted and or compleytely prohibited. Installing and using third party and or alternative software from operating systems to applications may be restricted and or completely impossible! Modifying certain system settings may be restrited and or completely impossible! Also user loss if ownership over data including files and documents is an issue!
#Memory curtaining / protected execution
#Secure input and output
#Endorsement key
#Remote attestation
#Trusted Third Party (TTP)


Sealed storage consists in the protection of information trough binding it to the configuration of the platform being used. Trough this one may for example lock certain files from being opened if they lack the needed license.


Another problem is privacy and seceruty.  Because of hardware and software level backdoors, an affected system is vulnerable to remote tampering, sabotage and attack, both when the machine is on and off!  Data including files and documents can be edited, encrypted, deleted without the user's consent nor knowledge! System settungs can be edited without the user's consent nor knowledge!
Memory curtaining or Protected execution is the isolation of certain sensitive parts of memory (for example decryption keys) from the rest of the system.


Endorsement keys are a pair of public and private keys that are 2048-bit [[wikipedia:RSA_cryptosystem|RSA]] keys generated randomly at the factory on the chip. They cannot be changed and are required to operate secure transactions. This makes it impossible for emulators of TC to be able to complete safe transactions.


==les==
Remote attestation allows changes to the user's computer to be detected by authorized parties.
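Review bot: The new "How it works" text announces six key principles but only explains four of them (sealed storage, memory curtaining, endorsement key, remote attestation). "Secure input and output" and "Trusted Third Party (TTP)" are listed and never described, so add a sentence for each or drop the count. In the sealed storage paragraph "trough" should be "through" in both places. The endorsement key paragraph says the keys "cannot be changed" and that this "makes it impossible for emulators of TC" to complete transactions, but gives no citation and does not explain the step from a fixed key to that conclusion. Also check that the stray "==les==" heading shown in this region does not remain in the saved page.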
 
==Why it's considered to be a problem==
One problem highlighted by Stallman and others is user ownership and freedom. Depending on the device, various user actions may be restricted and or completely prohibited. Installing and using third party and or alternative software from operating systems to applications may be restricted and or completely impossible. Modifying certain system settings may be restricted and or completely impossible.
 
Other highlighted problems relate to privacy and security.  Because of hardware and software level backdoor, an affected system could be vulnerable to remote tampering, sabotage and attack, both when the machine is on and off. Data including files and documents can be edited, encrypted and/or deleted without the user's consent nor knowledge. System settings can be edited without the user's consent nor knowledge.
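Review bot: The privacy and security paragraph of "Why it's considered to be a problem" asserts a "hardware and software level backdoor" and tampering "both when the machine is on and off" with no reference, while the paragraph before it at least attributes its claim to "Stallman and others". Give this claim the same attribution or a citation, and say which component is meant by the backdoor. Wording: "backdoor" needs an article or a plural, "without the user's consent nor knowledge" should use "or", and the repeated "and or" in the first paragraph should be "and/or" or simply "or".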
==Examples==
Some notable examples include:
Some notable examples include:


Palladium
*Windows Vista, Windows 7, Windows 8 and Windows RT (They use a Trusted Platform Module to facilitate BitLocker Drive Encryption) <ref>{{Cite journal |title=A Disk Encryption Algorithm for Windows Vista |url=http://download.microsoft.com/download/0/2/3/0238acaf-d3bf-4a6d-b3d6-0a0be4bbb36e/BitLockerCipher200608.pdf |journal=[[Microsoft Corp.]]}}</ref>
*[[Signal data collection|Signal]] messenger<ref>{{Cite web |title=Scaling secure enclave environments with Signal and Azure confidential computing |url=https://customers.microsoft.com/en-us/story/1374464612401582154-signal-nonprofit-azure-security |url-status=live}}</ref>
*and the e-prescription service E-Rezept<ref>{{Cite web |title=Confidential Computing soll Patientendaten schützen |url=https://www.healthcare-computing.de/confidential-computing-soll-patientendaten-schuetzen-a-996680/}}</ref>
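Review bot: The Examples list does not say how the Signal and E-Rezept entries relate to Trusted Computing. The Windows bullet states that a Trusted Platform Module is used for BitLocker, but the other two are bare names whose cited titles refer to secure enclaves and confidential computing, terms the article never introduces. Add a clause to each bullet stating the connection. The last bullet begins with "and the", which reads as a sentence fragment in a list. The Windows reference uses {{Cite journal}} with "journal=[[Microsoft Corp.]]" for a downloadable PDF, so a publisher field would fit better than a journal name.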
 
==References==
 


Trusted Computing Module TPM and TPM 2.0
https://www.slashgear.com/windows-11-tpm-2-0-could-affect-other-software-as-well-05689649/


Almost every smartphone and tablet both Android
https://www.fsf.org/blogs/community/drm-carroll


Amazon Kindle and kindke fire
https://en.m.wikipedia.org/wiki/Trusted_Computing


Apple Ipod
https://www.defectivebydesign.org/what_is_drm<nowiki/>{{reflist}}https://www.fsf.org/news/treacherous.html


Microsoft zune
[https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boot https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boo]


Sony Playstation line of consoles
https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boot


Microsoft XbOx line if consoles
https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom


Intel Magement Engine
https://www.gnu.org/philosophy/android-and-users-freedom.html


AMD equivelent
https://www.gnu.org/philosophy/loyal-computers.html


Secureboot
https://www.gnu.org/proprietary/proprietary.html


Pluton
https://www.fsf.org/campaigns/fight-to-repair


Walled gardens
https://www.gnu.org/philosophy/tivoization.html


Windows 10
https://foundation.mozilla.org/en/privacynotincluded/


Windows 11
https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-states-sue-deere-company-protect-farmers-unfair-corporate-tactics-high-repair-costs


Macos
https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/


https://wiki.archlinux.org/title/Trusted_Platform_Module


Tesla Motors Automobiles
https://wiki.gentoo.org/wiki/Trusted_Platform_Module


John Deere Tractors
https://arstechnica.com/tech-policy/2023/04/tesla-sued-after-report-that-workers-shared-invasive-images-from-car-cameras/
==References==
 
{{reflist}}
https://replicant.us/
 
http://www.trustedcomputinggroup.org/
 
https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html


[https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boot t]
[[Category:Common terms]]
[[Category:Common terms]]